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Amendments to th e QaiiTis: 

This listi ng of claims will replace all prior versions, and listings, of claims in the 

applicallon: 

L (currently amended) A method facilitating deployment of voltime-based network 
policies across a computer network, the method comprising the steps of: 

monitoring, over a given time interval, the aggregate volume of data transfer 
corresponding to each user of a plurality of users, wherein the given time Inter val spans 
at ieastone week; 

detecting, for a first user in the plurality of users, a network titiiization milestone, 
wherein the network utilization milestone occurs when, within the given time interval, 
the aggregate volume of data ti'ansfer associated with the first user crosses a threshold; 
and 

affecting a characteristic associated with the network access provided to the first 
user identified in the detecting step. 

2. (previousiy amended) 'The methoci of claim 1 wherein the affecting step comprises 
the step of: 

affecting a performance characteristic of the network access provided to the first 
user identified in tlie detecting step. 

3. (previously amended) The method of claim 1 wherein the affecting step comprises 
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Hie Step of: 

degrading the network access provided to the first user identified In the 

detecting step. 

4. (previously amended) The method of claim 1 wherein the affecting step comprises 
the step of: 

denying further network access to the first user identified in the detecting step. 

5. {previously amended) The method of claim 1 wherein the affecting step comprises 
die step of: 

charging the first user identified In the detecting step for further network access. 

6. (previously amended) The method of claim 1 further comprising the step of 

notifying the first user when the aggregate volume of data U'ansfer associated 
witli the first user approaches the threshold. 

7. (previously amended) The method of claim 1 wherein the detecting step comprises 

comparing the aggregate number of transferred bytes associated with the first 
user over [|a]j the given time interval against a threshold level defining the network 
utilization milestone. 

8. (original) The methcHi of claim 3 wherein network access Is degraded only with 
respect to a predefined set of traffic types. 
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9. (or igmal) The method of claim 4 wherein network access is denied only with respect 
to a predefined set of traffic types. 

10. (original) 'The method of claim 1 wherein the monitoring step is performed only 
with respect to a predefined set of traffic types. 

11. (airrently amended) A method facilitating depioynient of volume-based network 
policies across a computer network, the method comprising the steps of 

monitoring, over a given time interval, the aggregate volume of data transfer 
corresponding to each user of a plurality of users witliin a given time Interval, wherein 
the aggregale volume of data transfer characterizes the volume of data corresponding to 
past and current data flows over the given time interva l and wherein the given time 
interval.spamivtJmstoo^^ 

detecting, for a first user in the plurality of users, a network utilization milestone, 
wherein the network utilization milestone occurs when, within the given time interval, 
the aggregate volume of data transfer associated with the first user crosses a threshold; 
and, 

affecting, for tlie remaiiider of the time interval, a characteristic associated with 
the network access provided to the first user icientified in the detecting step. 

1 2 (pre\ loUxslv amended) I he method of claim 11 wherein the affecting step comprises 
the step ot: 

jf iot^fing 0 pof tot mjntc characteristic of the network access provided to the first 
user {dontihed m the dotoctmg stop. 
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1 3. (previously amended) The method of claim 11. wherein the affecling step comprises 

Ihe step ot: 

degrading the network access provided to the first user identified in the 
detecting step. 

14. (previously amended) The method of claim 11 wherein the affecting step comprises 
tlie step of : 

denying f uttlier network access to tlie first user identified in the detecting step. 

15. (previously amended) The method of claim 11 wherein the affecting step comprises 

the step of: 

charging the first user identified in the detecting step for further network access. 

16. (previously amended) The method of claim 11 further comprising the step of 

notifying the first user when the aggregate volume of data transfer associated 
witii the first user approadies the threshold. 

17. (previously amended) The method of claim 11 wherein the detecting step 
comprises 

comparing the aggregate number of transferred bytes associated witli tlie first 
user over a given time interval against a threshold level defining the network utilijzation 
milestone. 
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18. (original) The method of claim 17 wherein the time ititerval is a fixed time interval 

1.9. (original) T he method of claim .17 wherein the time itilerval is a sliding lime 
interval 

20. (original) The method of claim 13 wherein network access is degraded only with 
respect to a predefined set of traffic types. 

21. (original) The metiiod of claim 14 wherein netu^ork access is denied only witli 
respect to a predefined set of traffic types, 

22. (cu rrently amended) The method of claim [|1J j II wherein the monitoring step is 
performed only with respect to a predefined set of traffic types. 

23. (currently amended) A method facilitating deployment of volume-based network 
policies across a computer network, the method comprising the steps of 

registering a user at a network access device connected to a first computer 
networ k, the network access dex'ice including an IP address; 
associating the IP add ress w^ith the user; 

providing the user access to a second computer network by changing the 
configuration of a network device in a communication patli between the first computer 
netwcffk and tJie second computer network; 

monstoi ing, f>\ er a g!\ vn Ume inten ai, the aggi egatc \ olume >it data ti dn^tvi 
associated with the IF addtoss , whorom the given time mtorval '^pans at least one w ook . 
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detecting a network utilization milestone based on the aggregate volume of data 
transfer within the given time interval associated with the IP address relative to a 
threshold; 

changing the configuration of the network device to affect a characteristic 
associated with access to the second network prov'ided to the user. 

24. (an'rently amended) An apparahis facilitating the deployment of volume-based 
network policies across a first computer network, the first computer network 
comprising at least one traffic monitoring device operative to monitor the volume of 
network traffic generated by individual users, and at least one network control device 
operative to conlTol access lo a second computer network, comprising 

a user account database maintaining the respective aggregate volumes of data 
transfer corresponding to each user of a plurality of users; 

a data logging module operative to collect the aggregate volume of data transfer 
witliin a given time interval for the pluralit)' of users collected data in the user account 
databas e, \vherein the given time interval spans at least one w-eek; 

a network usage monitor operative to: 

scan the user account database to detect for a first user in the pluralit}' of 
users, a network utili:«ation milestone reached by the first user based on the aggregate 
vokinie of data transfer associated with the first user in relation to a threshold and the 
given time inten-at and 

modify the configuration of the network control device to affect a 
characteristic of access to the second computer net^vork for the first user. 
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25. (original) The apparatus of claim 24 furtlier comprising a user interface module 
operative to register new users and create corresponding user accounts in the user 

account da labase. 

26. (original) The apparatus of claim 25 wherein the apparatus, in response to 
registration of a new user, is operative to modify the configuration of the network 
control device to allo^v access to the second computer network for the new user. 

27. (previously amended) A system facilitating the deployment of volume-based 
network policies across a first computer network^ comprising 

a bandwidth management device operably connected to a communication path 
between the first computer network and a second computer network, 
wherein the bandwidth management device is operative to: 

monUor, for a first host in a pfurality of hosts connected to the first 
network/ the aggregate volume of network traffic generated by the first host over a 
given time intei-val , wherein the givai time interval spans at least one w-eek, and 

enforce bandwidth utilization controls associated with individual hosts on 
data flows generated by the respectix'e individual hosts; 
a user management server operative to: 

detect, for the f irst ttser, a network utilization milestone based on the 
aggregate volume of data transfer in relation to a utilization threshold and the given 
time interval; and, 

in response to a network utilization milestone, change the configuration of 
the bandwidth management device to associate bandwidth utilization controls 
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correspDnding to the milestone with the first host. 

28. (original) I ho systeni of cl<iirn 27 wherein the bandwidth management device is 
operativ e to redirect data flows generated by unknown hosts on the first computer 
nehvork io Ihe user niaruigement server; and wherein user m«magem.ent ser\-er is 
operative to register unkno'wn hosts and change the configuration of the bandwidth 
management device to associate the host with bandwidth utilization controls operative 
to permit access to the second network. 

29. (original) The system of claim 27 wherein the bandwidth utilisation controls 
associated with the milestone are operative to deny access to the seconti computer 
network. 

30. (original) The system of ciaim 27 wherein the bandwidth utilization controls 
associated witli the milestone are operative to degrade access to the second computer 
network. 

31. (originai) Tlie system of claim 27 wherein tlie bandwidtii management device is 
further operative identify network traffic types associated with data flows traversing 
tho v.ie^ ue and vshef eui the nsei manogtmenl s<,'i\ ei is tipi'i Ut\ e to ;.onSj^uj e 
bandwidth utilization contrc>l6 apphcable to traffic i\ pes identified by the bandu idlh 
management device. 

32. (original) The system of claim 27 w^herein the bandwidth management device and 
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Hie user management server reside on the same device. 

33. (new) '['he melhod of claim 1 wherein the given time intervai spans one month. 

34. (new) The method of claim 11 wherein the given time interval spans one month. 

35. (new) The method of claim 23 wherein the given time interval spans one month. 

36. (new) The apparatus of claim 24 wherein the given time interval spans one month. 

37. (new) The system of claim 27 wherein the given time interval spans one month. 
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